Commit graph

10 commits

Author SHA1 Message Date
Antoine Martin a516d841e1 lohr: v0.3.1 2021-03-30 23:02:32 +02:00
Antoine Martin 78194b69ad cargo: bump lockfile 2021-03-30 22:59:39 +02:00
Antoine Martin 422024d919 main: support config override with CLI flag 2021-03-30 22:51:51 +02:00
Bruno BELANYI 9de7c783ae job: add processing blacklist to global config 2021-03-30 16:28:00 +00:00
Antoine Martin 682e9c5bcc lohr: v0.3.0
This brings support for webhook signature verification, making lohr
usable in a production setting.
2021-03-30 11:33:42 +02:00
Antoine Martin 7e3c8b8f28 lohr: validate webhook signature
Previously lohr was unusable in a production setting, anyone could forge
a malicious webhook and either:

- mirror a private repo of yours to another remote they own
- wipe a repo of yours by forcing mirroring from an empty mirror

This is no longer the case!
2021-03-30 11:33:42 +02:00
Antoine Martin 7134b7700f lohr: v0.2.1 2021-03-30 01:12:50 +02:00
Antoine Martin 0ddcd24f33 lohr: v0.2.0 2021-03-30 01:04:15 +02:00
Bruno BELANYI 295a28bab4 lohr: add default and additional remotes
Co-authored-by: Antoine Martin <antoine@alarsyo.net>
2021-03-29 20:52:04 +02:00
Antoine Martin b37891af49 setup basic app 2021-03-29 02:01:53 +02:00